ANGLER PHISHING


Criminals create highly convincing customer service accounts on social media, monitor and intercept customer requests, and respond to them with links to fraudulent sites.

Criminals often have alerts set up to inform them when someone posts about specific companies. They contact customers, usually assure them that the problem will be resolved quickly, and invite them to log in to fake websites designed to steal their credentials or install malware.

Advice

For individuals:

Check that the account responding to you is the official account, e.g. check whether account names and handles are what you would expect, and check previous posts and when the account was created.

Do not click on suspicious links. If in doubt, consider using other official channels for support issues, e.g. websites or call centers.

If a page you have been directed to is asking for your details, check for signs that the page is a fake. For example, look closely at the URL for misplaced hyphens, misspelt words or anything out of the ordinary. Does the website use 'HTTPS'? You should also look closely at the language used in the page and the layout. Again, if in doubt, search for the official website independently and use that.

For businesses:

Response plan

Formulate a response plan for handling angler phishing attacks. This could cover:

Response team
Identify who would be responsible for handling these incidents, and make sure they know how to deal with them.

Communication
Think about how you will communicate with victims about incidents. This needs to be quick and efficient.

Triage
Identify steps to protect your customer and your system while you handle the incident e.g. locking the customer's account while you contact them.

Take down fraud accounts
Contact service providers (e.g. Twitter) to take down fraudulent accounts and monitor their activity until accounts are closed. You can also consider using a service to help you identify potential lookalike fraud sites which customers may be directed to e.g. https://dnstwister.report/.

Social Media Support Guidelines
Clearly state how your team uses social media customer support channels. Cover what you would never ask your customers to do/provide through social media.
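An added example (not part of the original advice, and not how dnstwister works): a minimal Python triage of links found in replies to customers, flagging hostnames that imitate the official domain through misplaced hyphens, a small misspelling, or the brand name embedded in another domain. `example.com` and every sample link are constructed placeholders.

```python
from urllib.parse import urlsplit

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(url, official):
    """Return 'official', 'lookalike' or 'unrelated' for the link's hostname.
    `official` is the registrable domain, e.g. 'example.com' (assumption)."""
    if "://" not in url:                       # bare links are common in social posts
        url = "//" + url
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    official = official.lower()
    if host == official or host.endswith("." + official):
        return "official"
    brand = official.split(".")[0].replace("-", "")
    max_typos = 1 if len(brand) < 8 else 2     # allow more typos in longer names
    for label in host.split("."):
        squashed = label.replace("-", "")      # undo misplaced hyphens
        if brand in squashed:                  # 'exa-mple', 'example-support', 'example.com.x.net'
            return "lookalike"
        if edit_distance(squashed, brand) <= max_typos:   # 'examp1e'
            return "lookalike"
    return "unrelated"                         # homoglyph/IDN tricks are not covered here

def triage(links, official):
    """Map each link to a verdict so responders can prioritise takedown requests."""
    return {link: classify_link(link, official) for link in links}

# Constructed sample links, as might be collected from replies to customers.
SAMPLE_LINKS = [
    "https://www.example.com/help",
    "exa-mple.com/login",
    "http://examp1e.com/reset",
    "https://example.com.account-verify.net/login",
    "https://weather.test/today",
]

if __name__ == "__main__":
    for link, verdict in triage(SAMPLE_LINKS, "example.com").items():
        print(f"{verdict:10} {link}")
```

An 'unrelated' verdict only means the hostname does not resemble the brand; the link may still be malicious and needs normal review.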

Reporting
If you've been affected by this or any other type of cyber crime, report the details to Action Fraud (0300 123 2040 / www.actionfraud.police.uk). Always keep an eye out for any suspicious follow-up activity as well.


Nuclear Conference

Nuclear South West Conference 2019

The Somerset Cyber Group (with BLUELOOP being one of the members) will be exhibiting at the upcoming Nuclear South West Conference 2019 at The McMillan Theatre, Bridgwater on 2nd and 3rd October 2019.

With a theme of ‘Bringing Innovation to Nuclear’, this two-day showcase and conference highlights current and future opportunities in New Build, Decommissioning, Defence and new technologies, including SMRs. 

Our team will be on hand to discuss basic steps in good Cyber Security practice, so that all members of the supply chains, no matter how large or small, can ensure that they aren’t the weakest link.

For more information visit: https://nuclearsouthwest.co.uk/events or to book, visit: https://lnkd.in/dGfZ5Dz